corelight.com Open in urlscan Pro
13.35.253.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://corelight.com/about-bro/how-bro-works/
Submission: On February 26 via manual (February 26th 2020, 10:56:45 am UTC) from ES

Summary HTTP 63 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 24 domains to perform 63 HTTP transactions. The main IP is 13.35.253.57, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is corelight.com.
TLS certificate: Issued by Amazon on May 11th 2019. Valid for: a year.

This is the only time corelight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	13.35.253.57 13.35.253.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
1	147.75.32.99 147.75.32.99	54825 (PACKET) (PACKET)
1	2a02:26f0:f1:... 2a02:26f0:f1:29d::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
2 3	2a00:1450:400... 2a00:1450:4001:821::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
2 5	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f1:... 2a02:26f0:f1:28a::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2	143.204.202.3 143.204.202.3	16509 (AMAZON-02) (AMAZON-02)
3	2.19.36.87 2.19.36.87	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.202.81 143.204.202.81	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	147.75.33.131 147.75.33.131	54825 (PACKET) (PACKET)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	147.75.32.125 147.75.32.125	54825 (PACKET) (PACKET)
1	143.204.202.20 143.204.202.20	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.123.193 52.214.123.193	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.202.106 143.204.202.106	16509 (AMAZON-02) (AMAZON-02)
2	52.21.178.134 52.21.178.134	14618 (AMAZON-AES) (AMAZON-AES)
1	35.174.78.146 35.174.78.146	14618 (AMAZON-AES) (AMAZON-AES)
63	27

27 13.35.253.57 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-57.fra6.r.cloudfront.net

corelight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.99 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:29d::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:28a::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-3.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.36.87 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-36-87.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-81.fra53.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress7

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.125 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress14

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.20 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-20.fra53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.123.193 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-123-193.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.106 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-106.fra53.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.178.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-2-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.78.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-5-ue1.aws.pardot.com

www3.corelight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	corelight.com corelight.com www3.corelight.com	1 MB
5	google-analytics.com 2 redirects www.google-analytics.com	18 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	6sc.co j.6sc.co c.6sc.co b.6sc.co	8 KB
3	gstatic.com www.gstatic.com	105 KB
3	google.com 2 redirects www.google.com	978 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	73 KB
2	pardot.com pi.pardot.com	4 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	google.de www.google.de	218 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	319 B
2	driftt.com js.driftt.com	45 KB
2	youtube.com www.youtube.com Failed	944 B
1	google.be www.google.be	504 B
1	twitter.com analytics.twitter.com	652 B
1	t.co t.co	448 B
1	googleadservices.com www.googleadservices.com	204 B
1	ytimg.com s.ytimg.com	10 KB
1	demandbase.com tag.demandbase.com	15 KB
1	bizographics.com sjs.bizographics.com	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
63	24

	Domain	Requested by
27	corelight.com	corelight.com
5	www.google-analytics.com	2 redirects www.googletagmanager.com
3	www.gstatic.com	www.googletagmanager.com www.google.com www.gstatic.com
3	www.google.com	2 redirects corelight.com
2	pi.pardot.com	corelight.com pi.pardot.com
2	segments.company-target.com	1 redirects corelight.com
2	match.prod.bidr.io	2 redirects
2	www.google.de	corelight.com
2	stats.g.doubleclick.net	2 redirects
2	js.driftt.com	corelight.com js.driftt.com
2	px.ads.linkedin.com	1 redirects corelight.com
2	www.youtube.com	corelight.com www.googletagmanager.com
1	www3.corelight.com	pi.pardot.com
1	api.company-target.com	tag.demandbase.com
1	vars.hotjar.com	static.hotjar.com
1	www.google.be	www.gstatic.com
1	analytics.twitter.com	static.ads-twitter.com
1	b.6sc.co	corelight.com
1	c.6sc.co	j.6sc.co
1	script.hotjar.com	static.hotjar.com
1	t.co	corelight.com
1	www.googleadservices.com	www.gstatic.com
1	s.ytimg.com	www.youtube.com
1	tag.demandbase.com	corelight.com
1	j.6sc.co	corelight.com
1	sjs.bizographics.com	www.googletagmanager.com
1	static.ads-twitter.com	corelight.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	corelight.com
1	static.hotjar.com	corelight.com
1	www.googletagmanager.com	corelight.com
63	31

This site contains links to these domains. Also see Links.

Domain
corelight.blog
blog.bro.org
www.youtube.com
www3.corelight.com
www.facebook.com
twitter.com
github.com
www.linkedin.com
goo.gl

Subject Issuer	Validity	Valid
www.corelight.com Amazon	`2019-05-11` - `2020-06-11`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
drift.com Amazon	`2019-10-03` - `2020-11-03`	a year	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2020-01-07` - `2021-04-07`	a year	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.google.be GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.pardot.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-01-17`	a year	crt.sh
www3.corelight.com Let's Encrypt Authority X3	`2020-01-31` - `2020-04-30`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://corelight.com/about-bro/how-bro-works/
Frame ID: EB7FC4466CA3A6D36B9625FA343FBF1D
Requests: 60 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Nb6DRvAKHCw?enablejsapi=1&origin=https%3A%2F%2Fcorelight.com
Frame ID: F4D1735EA33685979A96D43C02DB93B9
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 59066BB885D1B83AC2DA1DB4A2B3D063
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 4FF040311B2F68F6B783F3EECBCF9177
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-v(?:ue)-/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

63
Requests

98 %
HTTPS

45 %
IPv6

24
Domains

31
Subdomains

27
IPs

6
Countries

1575 kB
Transfer

3204 kB
Size

13
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://corelight.blog/
Title: Blog

Search URL Search Domain Scan URL

URL: http://blog.bro.org/2018/10/renaming-bro-project_11.html
Title: Read

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=L88ZYfjPzyk&feature=youtu.be
Title: watch

Search URL Search Domain Scan URL

URL: https://www3.corelight.com/bro-logs-v2.6

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CorelightInc

Search URL Search Domain Scan URL

URL: https://twitter.com/corelight_inc

Search URL Search Domain Scan URL

URL: https://github.com/corelight

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/corelight

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/9mQycUWtaNQ2
Title: San Francisco, CA

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/dGsk5RDDoh72
Title: Columbus, OH

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=343924&url=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&time=1582714584411 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D343924%26url%3Dhttps%253A%252F%252Fcorelight.com%252Fabout-bro%252Fhow-bro-works%252F%26time%3D1582714584411%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=343924&url=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&time=1582714584411&liSync=true

Request Chain 43

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=554186444&t=pageview&_s=1&dl=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&ul=en-us&de=UTF-8&dt=Corelight%20-%20About%20Bro%20-%20How%20Bro%20Works&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=186251606&gjid=1960085949&cid=1291771456.1582714584&tid=UA-86222136-1&_gid=199158394.1582714584&_r=1&gtm=2wg2c0PVV5SJD&z=1627835419 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86222136-1&cid=1291771456.1582714584&jid=186251606&_gid=199158394.1582714584&gjid=1960085949&_v=j81&z=1627835419 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=186251606&_v=j81&z=1627835419 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=186251606&_v=j81&z=1627835419&slf_rd=1&random=3304999378

Request Chain 55

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAGh7068rJ4AABPMcHHRag HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGh7068rJ4AABPMcHHRag&verifyHash=fc507530939f3e69a0239e46dfbc5ee4799b788

Request Chain 60

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=554186444&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&ul=en-us&de=UTF-8&dt=Corelight%20-%20About%20Bro%20-%20How%20Bro%20Works&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%201608420&_u=aHBAAEAB~&jid=1733004021&gjid=709253586&cid=1291771456.1582714584&tid=UA-86222136-1&_gid=199158394.1582714584&_r=1&gtm=2wg2c0PVV5SJD&z=370910720 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86222136-1&cid=1291771456.1582714584&jid=1733004021&_gid=199158394.1582714584&gjid=709253586&_v=j81&z=370910720 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=1733004021&_v=j81&z=370910720 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=1733004021&_v=j81&z=370910720&slf_rd=1&random=196650848

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
corelight.com/about-bro/how-bro-works/ 398 KB
96 KB 188ms
33ms Document
text/html 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a35ddf68298e07dc739dc1faba1b47e28716699d95eedfe51b2e85f65aae6311

Request headers

:method: GET
:authority: corelight.com
:scheme: https
:path: /about-bro/how-bro-works/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
content-type: text/html
date: Wed, 26 Feb 2020 05:30:44 GMT
x-amz-meta-s3cmd-attrs: atime:1568831560/ctime:1568831560/gid:514/gname:benjamin/md5:87329b9077d875c08ac9f82415039865/mode:33204/mtime:1568831560/uid:514/uname:benjamin
last-modified: Tue, 25 Feb 2020 20:59:26 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 8Hb_KwvAKrQRWrseEaCP7OIhTp44wHfVITXQBOcN67otrwYqiwWicQ==

GET
H2 404 5d94c051f29962aba94b.js
corelight.com/_nuxt/ 0
0 83ms
82ms Script
text/html 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/5d94c051f29962aba94b.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:51:50 GMT
x-amz-error-code: NoSuchKey
age: 273
x-amz-error-message: The specified key does not exist.
status: 404
x-cache: Error from cloudfront
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 20:58:10 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:a6a05ae42f32709084bc2b06f325af5c
vary: Accept-Encoding
x-amz-error-detail-key: _nuxt/5d94c051f29962aba94b.js
content-type: text/html
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: scxLk1_SKQUXk53RIaHcf4aArPTAw-zNLHNyqRMLmMMTY0Tq70b3zQ==

GET
H2 200 a13e4c5f1a951bcb23b3.js Show response
corelight.com/_nuxt/ 189 KB
66 KB 76ms
75ms Script
text/plain 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/a13e4c5f1a951bcb23b3.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a86c9ca5c9f1632576526abf95a068a0ef0f80e6d409e62fb461afcc4fa621fd

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:51:51 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 20:45:14 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1567780377/ctime:1567780377/gid:514/gname:benjamin/md5:e3ed68ca8006f260cb418157caaa214a/mode:33204/mtime:1567780377/uid:514/uname:benjamin
age: 273
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: C0-HhgkQWfz6GrEVKwGhkKWKw992YmcqKJ5fsL8JpLTOfxNv6YbRig==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

GET
H2 200 93455c2ae803685fe737.js Show response
corelight.com/_nuxt/ 347 KB
95 KB 61ms
60ms Script
text/plain 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/93455c2ae803685fe737.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6117da538274d9c4df8a650e5207e7a0278125b819cb0644d67379dc1b5304f

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:51:51 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 20:45:13 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1567780377/ctime:1567780377/gid:514/gname:benjamin/md5:dc9221971351cfb1489784f0a4e9b549/mode:33204/mtime:1567780377/uid:514/uname:benjamin
age: 273
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: _J6v8MBiBJqQfxpHhIHPmjkFBuCVlBPr73gdpuGq4YLlcol71eUCjA==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

GET
H2 200 07473771a4f3e8fde0fa.js Show response
corelight.com/_nuxt/ 186 KB
49 KB 74ms
74ms Script
text/plain 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/07473771a4f3e8fde0fa.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a37c5026f2d145ee5014c4ba15eb7841b55493eafdf602f0cf75b54e4c914377

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:51:51 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 20:45:00 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1567780377/ctime:1567780377/gid:514/gname:benjamin/md5:194d4d986288f6c04856df0cbe5c5d59/mode:33204/mtime:1567780377/uid:514/uname:benjamin
age: 273
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: MfRwvWWYWv_lwZkg1dE1_9xSro8VknylR5dtlY71AFAjoxNWWyfA5Q==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

GET
H2 200 a28de6b197013826fb7d.js Show response
corelight.com/_nuxt/ 15 KB
4 KB 75ms
75ms Script
text/html 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/a28de6b197013826fb7d.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d026477a3f7a4bd0e23cab9a84927283ae7086b72015b510d5e9363a4427caa

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:51:51 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 20:45:14 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1567780377/ctime:1567780377/gid:514/gname:benjamin/md5:9259d49f110e9cdc439ad924a7f5fe3d/mode:33204/mtime:1567780377/uid:514/uname:benjamin
age: 273
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ftqLWIBArWlU84xP5p1jHeWVvtEo4XHoHS_7NtYgpOhd0FgzZcPydw==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

GET
H2 200 5a54826e7a4ab4d90145.js Show response
corelight.com/_nuxt/ 22 KB
6 KB 213ms
213ms Script
text/plain 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/5a54826e7a4ab4d90145.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 961ce428952e7e0fe9d0cb415d5bf130e12d32bbc32a72ecc6a8c34d49e6c8ca

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 20:45:09 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1567780377/ctime:1567780377/gid:514/gname:benjamin/md5:2470e2a7a4a71e6fb7469ddd5b723f37/mode:33204/mtime:1567780377/uid:514/uname:benjamin
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/plain
status: 200
x-amz-cf-id: lQo7yTbJQ1gl_lAF5i1MtG-IllJPCBbWA768jLUvulYph3girrhgcQ==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
33 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVV5SJD

Requested by

Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1112b5152bfce156db9a24de44e9dd17c0e0f6abc3740b259db7164a3ce0740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33254
x-xss-protection: 0
last-modified: Wed, 26 Feb 2020 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Feb 2020 10:56:24 GMT

GET
H2 200 hotjar-875805.js Show response
static.hotjar.com/c/ 17 KB
3 KB 146ms
104ms Script
application/javascript 147.75.32.99
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-875805.js?sv=6

Requested by

Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress12

Software

Resource Hash

a56fd80610152e580304ab562acfa9bb8121485ce33eca6b40730a528f0c97e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
content-length: 2956
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/ce98190b40a61a009548b9cf569c7292
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.083
accept-ranges: bytes
section-io-id: 6ea7584822e881f840e7999040eb911b
section-origin-responded: true

GET
H2 200 logo-corelight-ac156d2.png
corelight.com/_nuxt/img/assets/images/ 5 KB
6 KB 263ms
261ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/logo-corelight-ac156d2.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0cf465ac5fd0abf1aa549d6a7befc390e2b26deb4aa14d63dd19e591f46b9d5

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:57:06 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095984/ctime:1536095974/gid:20/gname:staff/md5:ac156d271d5e52b509a19461c36a38ff/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
x-amz-cf-pop: FRA6-C1
etag: "ac156d271d5e52b509a19461c36a38ff"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
content-length: 5340
x-amz-cf-id: mZkYvmXE_1ovsjdd0qZZdf7gpDAj9Kqtzf7m1ClT47uSWfUyjOdW0g==

GET
H2 200 zeek-52df9bf.svg
corelight.com/_nuxt/img/assets/images/about-bro/ 10 KB
4 KB 171ms
170ms Image
image/svg+xml 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/about-bro/zeek-52df9bf.svg
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b36c14f6655fc0da0f85cd0f643eaa8f5c0c393a1af84149047f5a3b5eae60a

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
content-encoding: gzip
last-modified: Fri, 25 Oct 2019 18:56:46 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1541462976/ctime:1541462976/gid:514/gname:benjamin/md5:7d4ababfc3baa298c3b305ea94d31188/mode:33204/mtime:1541462976/uid:514/uname:benjamin
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-id: jdolrHeANNvh6ZoB205I_YePeTYpYqPlszKHxa9jQCymNYV7wKBo0w==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

GET
H2 200 tracing-logs-f97b492.png
corelight.com/_nuxt/img/assets/images/ 102 KB
103 KB 30ms
29ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/tracing-logs-f97b492.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2713d916bfd08d4a04eeb0dc0042caa636a51ec1aa3d50a08b50a52d0ba9ab17

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:51:52 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:57:27 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095981/ctime:1536095974/gid:20/gname:staff/md5:f97b492307afceb5e766f44b057bcdac/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 273
etag: "f97b492307afceb5e766f44b057bcdac"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 104443
x-amz-cf-id: NQOeCZ9684tVuhtxvWlAlDQAhEclIT_GNNrqkdwS2i9EIpKSLMw6Nw==

GET
H2 200 seth-41a3eb3.png
corelight.com/_nuxt/img/assets/images/ 136 KB
137 KB 64ms
63ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/seth-41a3eb3.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3676c19e19e55d7c62044bf90561bb191f7b24fabaedf0e1a6afffe3a4cf5049

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:51:52 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Tue, 17 Sep 2019 20:46:16 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095982/ctime:1536095974/gid:20/gname:staff/md5:41a3eb352733756789d7128ccff22a52/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 273
etag: "41a3eb352733756789d7128ccff22a52"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 139245
x-amz-cf-id: HHBAUlPkMQ4Fzwh_jhPNIJP-trnQKacMlxzLP_4kHTsSeJsGkJHHIA==

GET
H2 200 bro-logs-052c901.png
corelight.com/_nuxt/img/assets/images/ 336 KB
337 KB 66ms
65ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/bro-logs-052c901.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab2e90da0794fcdea5401cced122f4d90940cdd6b2af95711676d120adb859d8

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 07:01:47 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Tue, 17 Sep 2019 20:45:32 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1544988281/ctime:1544988281/gid:514/gname:benjamin/md5:052c90155f96fbe027ecc49b88a4d5f5/mode:33204/mtime:1544988281/uid:514/uname:benjamin
x-amz-cf-pop: FRA6-C1
etag: "052c90155f96fbe027ecc49b88a4d5f5"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
content-length: 344402
x-amz-cf-id: fYN59gWX1d4rpelX9bUkRMIcfQUPQHGQMHHXOjBGX9JoWAkSo_us_g==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:f1:29d::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:29d::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 10:56:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=48475
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET Nb6DRvAKHCw
www.youtube.com/embed/ Frame F4D1 0
0

GET
H2 200 icon-contact-pencil-5e8635e.svg
corelight.com/_nuxt/img/assets/images/ 3 KB
2 KB 50ms
50ms Image
image/svg+xml 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/icon-contact-pencil-5e8635e.svg
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 540d84351e411c59ef91ba7ec4d4acbe738a56fb2c682bdde5cc88eda5878184

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:51:52 GMT
content-encoding: gzip
last-modified: Fri, 25 Oct 2019 18:57:03 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095986/ctime:1536095974/gid:20/gname:staff/md5:5e8635e0d3eab798a9ded2ed81a3b93a/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 273
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: l5ejiNTAHdfdhBqmZYiQYsECMDvZguJq65wjY6vCZrocQoPZthfSnQ==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

GET
DATA 200
OK truncated
/ 907 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3459985f7137891a15f19247d95d5b53b649470299f991c57deabc7777f2f5eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 power-of-bro-bg-fb8e2af.png
corelight.com/_nuxt/img/assets/images/ 93 KB
94 KB 43ms
43ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/power-of-bro-bg-fb8e2af.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efd8cb47898e65844edc526a9688dd8373885ad1364eccb282d1d5555615653e

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:51:52 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:57:10 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095983/ctime:1536095974/gid:20/gname:staff/md5:fb8e2af5e5a18e2e8d5e8fa8f1cc17ad/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 273
etag: "fb8e2af5e5a18e2e8d5e8fa8f1cc17ad"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 95374
x-amz-cf-id: -Ow8mljWKhFdxLfhuRqysRipefmySK1BJ4zEgfRPdYNkvIor8sDUQg==

GET
H2 200 icon-download-5ef95ae.svg
corelight.com/_nuxt/img/assets/images/ 3 KB
1 KB 157ms
155ms Image
image/svg+xml 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/icon-download-5ef95ae.svg
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2b8d3b44bc7d1cd2de614675f91418ec7fc014fa77199c3d0a12882f4691579

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
content-encoding: gzip
last-modified: Fri, 25 Oct 2019 18:57:03 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1555363048/ctime:1555363048/gid:514/gname:benjamin/md5:5ef95aef9f1324dff5f9a7a0a54369d5/mode:33204/mtime:1555363048/uid:514/uname:benjamin
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-id: NiVL3bYTMtGmJXg3zFKWkjj0_j687lTBPIJOVyp0r72kMFaiwr8yFw==
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)

GET
H2 200 eyes-sweep-6e4d814.png
corelight.com/_nuxt/img/assets/images/ 90 KB
90 KB 64ms
62ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/eyes-sweep-6e4d814.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b67b9472884823ec089b53a04f8899d8ba7a23f3533c5667e75ea4e13f4c9b97

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:51:52 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:56:57 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095988/ctime:1536095974/gid:20/gname:staff/md5:6e4d814146000dd3c0b5d6c67fe8dec5/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 273
etag: "6e4d814146000dd3c0b5d6c67fe8dec5"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 91916
x-amz-cf-id: iGP6gN9rSIoO5a_DMbB_kVjqy_oJvkeZqIfAxgGJ3sxOe1znpDR6zg==

GET
H2 200 img-photon-xs-d2707c0.png
corelight.com/_nuxt/img/assets/images/ 22 KB
22 KB 195ms
192ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/img-photon-xs-d2707c0.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 628f44c12008251d29a3df8a4d05388aed026f9689bee0aae063533637f95751

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:57:05 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095984/ctime:1536095974/gid:20/gname:staff/md5:d2707c024c565fbd07ac17186a66e0e5/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
x-amz-cf-pop: FRA6-C1
etag: "d2707c024c565fbd07ac17186a66e0e5"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
content-length: 22316
x-amz-cf-id: dVwnpWLciDBjhVnHM5q2V7Vy9fv4neFk1jgG11gvZzsDGCf3gBZREQ==

GET
H2 200 social-facebook-d5bd4fc.png
corelight.com/_nuxt/img/assets/images/ 4 KB
4 KB 63ms
60ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/social-facebook-d5bd4fc.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65f4922ab8cf9536a7ad70cac98c1667c9b8a70d69e88c61227be23059417b66

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:51:52 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:57:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095982/ctime:1536095974/gid:20/gname:staff/md5:d5bd4fc60060c5821aea2ff90237b9c8/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 273
etag: "d5bd4fc60060c5821aea2ff90237b9c8"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 3595
x-amz-cf-id: gv1sBrT4QGyQnuraJeWwmhSW2TSOW0q_KTmQKgNKZPMmd-qqEhGXYg==

GET
H2 200 social-twitter-38db388.png
corelight.com/_nuxt/img/assets/images/ 3 KB
4 KB 62ms
60ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/social-twitter-38db388.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce5468c6ee0580c04f7f08f0b81731b8911caff9663e6d3baedc2bf35a3eafb3

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:51:52 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:57:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095982/ctime:1536095974/gid:20/gname:staff/md5:38db3881ccadb626999f053d8a11c5a2/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 273
etag: "38db3881ccadb626999f053d8a11c5a2"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 3258
x-amz-cf-id: 2yWksPVROGbDItEs-bwFAtF9fBUL8_5cifINwcB5LL3nHSQUaCXa7Q==

GET
H2 200 social-github-9808b2a.png
corelight.com/_nuxt/img/assets/images/ 5 KB
5 KB 163ms
160ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/social-github-9808b2a.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9d52bb4f12738f6da0ed83898dcfd81d4b873582d78258706feeeef5e3f510a

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:57:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095982/ctime:1536095974/gid:20/gname:staff/md5:9808b2ab3ef64e3120690944684c4392/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
x-amz-cf-pop: FRA6-C1
etag: "9808b2ab3ef64e3120690944684c4392"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
content-length: 4778
x-amz-cf-id: _k3jh5qTGZZCUeCfP9JXGRyrRtGzhW_cAHuuHNpGk-7xIaFfF01-mA==

GET
H2 200 social-linkedin-f9a24d5.png
corelight.com/_nuxt/img/assets/images/ 4 KB
4 KB 63ms
61ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/social-linkedin-f9a24d5.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a2f6b706620b27015876cce4ec1eaea37d1671245b83980e3331a14484f4f59

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:51:53 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:57:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095982/ctime:1536095974/gid:20/gname:staff/md5:f9a24d548f81e5d6ac5039fe174aa511/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 272
etag: "f9a24d548f81e5d6ac5039fe174aa511"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 3900
x-amz-cf-id: g8_7UN-MGrm657QXD017s4uoLulS9weVilCshmNNvVvU2T26Q3JUJQ==

GET
H2 200 icon-map-pin-ed45ed1.png
corelight.com/_nuxt/img/assets/images/ 1 KB
2 KB 73ms
71ms Image
image/png 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corelight.com/_nuxt/img/assets/images/icon-map-pin-ed45ed1.png
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 427357c89991fabce3fc001b8434c120d2130231517c6c71bd22834eb789e5fe

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:51:53 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 18:57:04 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095985/ctime:1536095974/gid:20/gname:staff/md5:ed45ed129ed4fbed266829d04c606cdf/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 272
etag: "ed45ed129ed4fbed266829d04c606cdf"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 1427
x-amz-cf-id: kgwgBEybynRv-xvu2rzdsIlzexJhWN0z7REHDcVLtfG08RJ6qIXNeg==

GET
H2 200 5c9686e.woff
corelight.com/_nuxt/fonts/ 22 KB
23 KB 71ms
69ms Font
font/woff 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/fonts/5c9686e.woff
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b52955ddb6d6e75624fe0c01be5d9750382b17bb089efd881e3ae65d95e5898

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
Origin: https://corelight.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 10:51:51 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 20:58:23 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095991/ctime:1536095974/gid:20/gname:staff/md5:5c9686ee4caaac73b1a028275191c78b/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 274
etag: "5c9686ee4caaac73b1a028275191c78b"
x-cache: Hit from cloudfront
content-type: font/woff
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 22928
x-amz-cf-id: LTEQmrx7YPMSbQs1kT4XHsA58NQeY2DfzJng5XDOJkiS2ZxgIdC-7w==

GET
H2 200 e519eef.woff2
corelight.com/_nuxt/fonts/ 36 KB
36 KB 72ms
70ms Font
font/woff2 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/fonts/e519eef.woff2
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bba3ce31a068f3a77a545bf0ef625b4823739ada733d784872b68ef722bcb795

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
Origin: https://corelight.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 10:51:52 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Mon, 10 Feb 2020 23:14:59 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095989/ctime:1536095974/gid:20/gname:staff/md5:e519eef3aaa5e7db03d6a901694fc660/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 273
etag: "e519eef3aaa5e7db03d6a901694fc660"
x-cache: Hit from cloudfront
content-type: font/woff2
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 36856
x-amz-cf-id: Qh3FadBKlzBvlTo8f1jT7FpRuxDHJEUjs0JZAOPzJNbsjYCd3mJWbg==

GET
H2 200 fd6362c.woff
corelight.com/_nuxt/fonts/ 22 KB
23 KB 255ms
253ms Font
font/woff 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/fonts/fd6362c.woff
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3395ef075ee4c9d243a2b3ba591a4ec4896f0cc6add2434cb416e19a291f4a4

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
Origin: https://corelight.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 20:58:25 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095990/ctime:1536095974/gid:20/gname:staff/md5:fd6362cfeb43f3c03972416e801683d2/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
x-amz-cf-pop: FRA6-C1
etag: "fd6362cfeb43f3c03972416e801683d2"
x-cache: Miss from cloudfront
content-type: font/woff
status: 200
content-length: 22792
x-amz-cf-id: 68rKb3BsfIX1RoO-I-wAVsPXPHcn_lPC-9tfnnY7gcN0KA_IOljRXw==

GET
H2 200 c8ffdeb.woff
corelight.com/_nuxt/fonts/ 20 KB
21 KB 165ms
164ms Font
font/woff 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/fonts/c8ffdeb.woff
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
Origin: https://corelight.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 20:58:24 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095990/ctime:1536095974/gid:20/gname:staff/md5:c8ffdeb3144d5055756ef01ef98e8486/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
x-amz-cf-pop: FRA6-C1
etag: "c8ffdeb3144d5055756ef01ef98e8486"
x-cache: Miss from cloudfront
content-type: font/woff
status: 200
content-length: 20696
x-amz-cf-id: zA-eHXTz1RmqzW0QwzWB8ClEqYrYXH45X3aE6Qo4D2mESS1krYWsHg==

GET
H2 200 f9fc978.woff
corelight.com/_nuxt/fonts/ 20 KB
21 KB 73ms
71ms Font
font/woff 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corelight.com/_nuxt/fonts/f9fc978.woff
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f21a07b8173a59a6cdf3f46d46a4bd1b14e4146d4e1c80a543021a6d69b2fe8c

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
Origin: https://corelight.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 10:51:52 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 00:55:05 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1536095990/ctime:1536095974/gid:20/gname:staff/md5:f9fc9780feed3b7444ba6277f067c7f5/mode:33188/mtime:1536095694/uid:501/uname:benjaminbecker
age: 273
etag: "f9fc9780feed3b7444ba6277f067c7f5"
x-cache: Hit from cloudfront
content-type: font/woff
status: 200
x-amz-cf-pop: FRA6-C1
content-length: 20676
x-amz-cf-id: l-Q2LhmjuojWXyXhBMaCPz8_35gNPqOXES-T5HhLIyCzQLPDfqSJKg==

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=343924&url=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&time=1582714584411
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D343924%26url%3Dhttps%253A%252F%252Fcorelight.com%252Fabout-bro%252Fhow-bro-works%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=343924&url=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&time=1582714584411&liSync=true

0
40 B

171ms
171ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=343924&url=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&time=1582714584411&liSync=true
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: m4wYf4fu9hXQAmt5qisAAA==

Redirect headers

date: Wed, 26 Feb 2020 10:56:24 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: 1Y3Xcofu9hWAQEtXlysAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=343924&url=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&time=1582714584411&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 740 B
619 B 20ms
19ms Script
text/javascript 2a00:1450:4001:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Requested by

Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9081be38d63b2736d8d7a6f5a33f30014b75c9231c1e53160d8b4c94cf21cbec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 474
x-xss-protection: 1; mode=block
expires: Wed, 26 Feb 2020 10:56:24 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 61ms
20ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
content-encoding: gzip
age: 9759
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4026-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1582714584.479246,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVV5SJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3853
date: Wed, 26 Feb 2020 09:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 26 Feb 2020 11:52:11 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 3 KB
2 KB 17ms
16ms Script
application/x-javascript 2a02:26f0:f1:28a::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVV5SJD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:28a::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 10:56:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=73439
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 422 B
444 B 8ms
7ms Script
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVV5SJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Oct 2019 19:45:00 GMT
server: sffe
age: 1459
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
expires: Wed, 26 Feb 2020 11:32:05 GMT

GET
H2 200 7hbw4wxfwim5.js Show response
js.driftt.com/include/1582714800000/ 136 KB
45 KB 201ms
152ms Script
application/javascript 143.204.202.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1582714800000/7hbw4wxfwim5.js

Requested by

Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.202.3 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-3.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

eb1bd595c36a9da5b069834dfccb512a186a280e1a9e4c14bb074d41fcf03707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
last-modified: Mon, 24 Feb 2020 19:42:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Rkt5VmN65rFSaByLzpp9L55_w_-rTiBGpIfgJjlGgQGQ9bUi-BGcig==

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 14 KB
6 KB 123ms
20ms Script
application/javascript 2.19.36.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/6si.min.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.36.87 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-36-87.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 92dea0037946ab7baf6fa695b397e14e78ab4702a3a1526729ac43c6457fe310

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 10:56:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Dec 2019 01:37:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5de70dce-389e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5948

GET
H2 200 c786d2fa.min.js Show response
tag.demandbase.com/ 56 KB
15 KB 424ms
377ms Script
application/javascript 143.204.202.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/c786d2fa.min.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-81.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95f4bb89e42cbbadc84759c99bccb8ef9e27013374e8b771cf36e7cb31411204

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 17:50:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: GRQllWsYN7ove.4u78iK.PHK2P18PvZJ
status: 200
cache-control: public, max-age=3600
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yl4NHpM0aO6p2YBIiZPO7FbpLrkN7rh3d_Km38ZS2C2q72m7LEQGGQ==
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)

GET
H2 200 Nb6DRvAKHCw
www.youtube.com/embed/ Frame F4D1 0
0 115ms
114ms Document
text/html 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Nb6DRvAKHCw?enablejsapi=1&origin=https%3A%2F%2Fcorelight.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVV5SJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Nb6DRvAKHCw?enablejsapi=1&origin=https%3A%2F%2Fcorelight.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://corelight.com/about-bro/how-bro-works/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://corelight.com/about-bro/how-bro-works/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-encoding: br
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Wed, 26 Feb 2020 10:56:24 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=QNjyUzgY98U; path=/; domain=.youtube.com; secure; expires=Mon, 24-Aug-2020 10:56:24 GMT; httponly; samesite=None YSC=soRPrEYTf6o; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 26-Feb-2020 11:26:24 GMT VISITOR_INFO1_LIVE=QNjyUzgY98U; path=/; domain=.youtube.com; secure; expires=Mon, 24-Aug-2020 10:56:24 GMT; httponly; samesite=None
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
944 B 22ms
19ms Script
application/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVV5SJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

fd3944f9eb849b9a7a5fc78ccde06c6bff482ec905080ee5b8aa5e8fced1a34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/61bII03-TtCmSUR7dw9MJF9q/ 259 KB
93 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/61bII03-TtCmSUR7dw9MJF9q/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24eebce672e525c8268db380a3e65b3369b7c5335c7888d5b08554cbde79863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 19:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 23 Feb 2020 21:06:15 GMT
server: sffe
age: 140780
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94565
x-xss-protection: 0
expires: Tue, 23 Feb 2021 19:50:04 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=554186444&t=pageview&_s=1&dl=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&ul=en-us&de=UTF-8&dt=Corelight%20-%20About%20Bro%20-%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86222136-1&cid=1291771456.1582714584&jid=186251606&_gid=199158394.1582714584&gjid=1960085949&_v=j81&z=1627835419
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=186251606&_v=j81&z=1627835419
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=186251606&_v=j81&z=1627835419&slf_rd=1&random=3304999378

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=186251606&_v=j81&z=1627835419&slf_rd=1&random=3304999378

Requested by

Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 10:56:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 10:56:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=186251606&_v=j81&z=1627835419&slf_rd=1&random=3304999378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl-1_32.js Show response
www.gstatic.com/wcm/ 30 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/impl-1_32.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 16:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Aug 2019 17:45:00 GMT
server: sffe
age: 152686
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12298
x-xss-protection: 0
expires: Tue, 23 Feb 2021 16:31:38 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfljVX6tA/ 27 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfljVX6tA/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe7a86c76c74d7ed774325d80240edd8f7f9cd835392c368884616effa572d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 20:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51835
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10171
x-xss-protection: 0
last-modified: Mon, 24 Feb 2020 23:13:52 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 04 Mar 2020 20:32:29 GMT

GET
H2 200 wcm Show response
www.googleadservices.com/pagead/conversion/880638848/ 39 B
204 B 30ms
30ms XHR
application/json 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/880638848/wcm?cl=EY8UCLat37QBEID39aMD&fb=18885479497&callback=corscb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

3252128425e1e7b89d9f1e14192ba6b3b3140348a27a208edb8583401e00334e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
Origin: https://corelight.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://corelight.com
cache-control: private
access-control-allow-credentials: true
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59
x-xss-protection: 0

GET
H2 200 adsct
t.co/i/ 43 B
448 B 193ms
148ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz8zc&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Wed, 26 Feb 2020 10:56:24 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f5d8f590c2f837ed944d48ca5021c5c0
x-transaction: 0072eb55008d29c2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 modules.ec4d468062bd562b1a1c.js Show response
script.hotjar.com/ 401 KB
70 KB 57ms
19ms Script
application/javascript 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.ec4d468062bd562b1a1c.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-875805.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress7
Software: /
Resource Hash: edbe5b0efd18f8a8b39e294b847a72289fd77b2e370cb8f6edc9e1a34f2c2330

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
content-encoding: br
content-type: application/javascript
age: 147835
status: 200
section-io-cache: Hit
content-length: 71364
last-modified: Mon, 24 Feb 2020 17:49:08 GMT
etag: "d9d8a7b9719ef764bf9b4d8f74da5ef5"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.024
accept-ranges: bytes
section-io-id: aac0074b7fa9210a2dc9768493c51415
section-origin-responded: true

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
369 B 109ms
19ms XHR
text/plain 2.19.36.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.36.87 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-36-87.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 575e47ce392355c76acb5f9a9223b7cf0690c2d45d8d245d67574c94db7073f7

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
Origin: https://corelight.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Feb 2020 10:56:24 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://corelight.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 330ms
241ms Image
image/gif 2.19.36.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=e13725f521f4b7b8b185e2f10ffe13a5&svisitor=&visitor=07178bbd-668a-4440-84bc-865044cf4e30&session=b56d3c17-3a47-455c-8fa0-10ff937ddcd7&event=a_pageload&q=%7B%7D&isIframe=false&m=%7B%22description%22%3A%22Bro%20is%20the%20world%27s%20most%20powerful%20framework%20for%20transforming%20network%20traffic%20into%20actionable%20data%20for%20analysis%2C%20forensics%2C%20and%20real-time%20response.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Corelight%20-%20About%20Bro%20-%20How%20Bro%20Works%22%7D&cb=14584577&r=&thirdParty=%7B%7D

Requested by

Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.36.87 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-19-36-87.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 26 Feb 2020 10:56:24 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:51:25 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e5026ad-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
652 B 208ms
144ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz8zc&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 122
pragma: no-cache
last-modified: Wed, 26 Feb 2020 10:56:24 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d50fddc7fc29274ffa315244d65643b7
x-transaction: 0085088000d35723
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 wcm Show response
www.google.be/pagead/attribution/ 17 B
504 B 31ms
18ms XHR
application/json 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.be/pagead/attribution/wcm?cl=EY8UCLat37QBEID39aMD&fb=18885479497&use_ssct=1&callback=corscb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/impl-1_32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
Origin: https://corelight.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 10:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://corelight.com
cache-control: private
access-control-allow-credentials: true
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37
x-xss-protection: 0

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5906 0
0 76ms
19ms Document
text/html 147.75.32.125
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-875805.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress14
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://corelight.com/about-bro/how-bro-works/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://corelight.com/about-bro/how-bro-works/

Response headers

status: 200
date: Wed, 26 Feb 2020 10:56:24 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.031
section-origin-responded: true
age: 2413205
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 7b0919cbdf752e1c8b9f32d8def238c6

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 436 B
934 B 131ms
70ms XHR
application/json 143.204.202.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&page_title=Corelight%20-%20About%20Bro%20-%20How%20Bro%20Works&key=25258842cc23579df107f7f0f83c0c1c&src=tag
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/c786d2fa.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.20 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-20.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 442c0c2f4559bee30649c1064f295384c2086a564b5fd9654737c2dda7ba745b

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
Origin: https://corelight.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 26 Feb 2020 10:56:25 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
request-id: 4408522f-f383-4f2d-af35-bb150e2effb8
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://corelight.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cNcJ5sZoU0RwTdRPn-DjQCK-B1haILQUpkkkNibaMqIixFSBfzviyA==
expires: Tue, 25 Feb 2020 10:56:25 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAGh7068rJ4AABPMcHHRag
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGh7068rJ4AABPMcHHRag&verifyHash=fc507530939f3e69a0239e46dfbc5ee4799b788

26 B
409 B

109ms
109ms

Image
image/gif

143.204.202.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGh7068rJ4AABPMcHHRag&verifyHash=fc507530939f3e69a0239e46dfbc5ee4799b788
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-106.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 26 Feb 2020 10:56:25 GMT
Via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 35e1456dd10ede96
X-Amz-Cf-Id: 9dW4G_NfRTMQyNlRd-f_8FySmyLZbju8vmaqgp1IF2uhfep9RaawGw==

Redirect headers

Date: Wed, 26 Feb 2020 10:56:25 GMT
Via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAGh7068rJ4AABPMcHHRag&verifyHash=fc507530939f3e69a0239e46dfbc5ee4799b788
Connection: keep-alive
trace-id: 63728db863c9be12
Content-Length: 0
X-Amz-Cf-Id: NxnPfUJPI2AASVb5yu2JYZXHuKduLacgTKShOEd5XANbJJwl3hoCGA==

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 446ms
112ms Script
application/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: corelight.com
URL: https://corelight.com/about-bro/how-bro-works/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 26 Feb 2020 10:56:25 GMT
Content-Encoding: gzip
X-Pardot-Route: ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified: Mon, 29 Oct 2018 21:18:11 GMT
Server: PardotServer
ETag: "13e7-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1817
Expires: Fri, 25 Feb 2022 10:56:25 GMT

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame 4FF0 0
0 49ms
49ms Document
text/html 143.204.202.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1582714800000/7hbw4wxfwim5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.202.3 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-202-3.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://corelight.com/about-bro/how-bro-works/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://corelight.com/about-bro/how-bro-works/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Mon, 24 Feb 2020 19:42:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Feb 2020 10:56:25 GMT
etag: "e8f7068735db78c98b6b3f7204442c40"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: lVuJGAN2a2CIDIgIdOxaHA2f2XkdUiOm35f6F58xnsnrIDDoyh_iOQ==

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 336ms
336ms Script
text/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=45959&account_id=421832&title=Corelight%20-%20About%20Bro%20-%20How%20Bro%20Works&url=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 7a726c0a7d794949f90517054fab88faa1374e622d72784885bfa7502c2c8d56

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 10:56:26 GMT
Content-Encoding: gzip
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
X-Pardot-Rsp: 16/121/183
Vary: Accept-Encoding,User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 538
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 200
OK analytics Show response
www3.corelight.com/ 50 B
1 KB 513ms
184ms Script
text/javascript 35.174.78.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www3.corelight.com/analytics?conly=true&visitor_id=548349164&pi_opt_in=&campaign_id=45959&account_id=421832&title=Corelight%20-%20About%20Bro%20-%20How%20Bro%20Works&url=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&referrer=&visitor_id_sign=1dc615590bd5947bb464340e918ac46bd0fdd09f8af11400b8f7b7f24fd0c67bb17d5cb1d153cf31533d913cb0c4b0a6fc54db09
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&pi_opt_in=&campaign_id=45959&account_id=421832&title=Corelight%20-%20About%20Bro%20-%20How%20Bro%20Works&url=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&referrer=
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.78.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-5-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Wed, 26 Feb 2020 10:56:26 GMT
X-Pardot-Route: 13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB: d3d7f55bb0643f40d338b3c1e133d5c5
X-Pardot-Rsp: 16/67/232
Vary: User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=554186444&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&ul=en-us&de=UTF-8&dt=Corelight%20-%20About%20Bro%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86222136-1&cid=1291771456.1582714584&jid=1733004021&_gid=199158394.1582714584&gjid=709253586&_v=j81&z=370910720
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=1733004021&_v=j81&z=370910720
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=1733004021&_v=j81&z=370910720&slf_rd=1&random=196650848

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=1733004021&_v=j81&z=370910720&slf_rd=1&random=196650848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Feb 2020 10:56:28 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Feb 2020 10:56:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-86222136-1&cid=1291771456.1582714584&jid=1733004021&_v=j81&z=370910720&slf_rd=1&random=196650848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=554186444&t=event&ni=1&_s=3&dl=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&ul=en-us&de=UTF-8&dt=Corelight%20-%20About%20Bro%20-%20How%20Bro%20Works&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Drift%20Widget&ea=Message%20Received&el=Playbook%20ID%3A%201608420&_u=aHBAAEAB~&jid=&gjid=&cid=1291771456.1582714584&tid=UA-86222136-1&_gid=199158394.1582714584&gtm=2wg2c0PVV5SJD&z=770835896

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 05:59:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3041810
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=554186444&t=event&ni=1&_s=4&dl=https%3A%2F%2Fcorelight.com%2Fabout-bro%2Fhow-bro-works%2F&ul=en-us&de=UTF-8&dt=Corelight%20-%20About%20Bro%20-%20How%20Bro%20Works&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Drift%20Widget&ea=Message%20Received&el=Playbook%20ID%3A%201608420&_u=aHBAAEAB~&jid=&gjid=&cid=1291771456.1582714584&tid=UA-86222136-1&_gid=199158394.1582714584&gtm=2wg2c0PVV5SJD&z=1494595781

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corelight.com/about-bro/how-bro-works/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 05:59:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3041810
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/Nb6DRvAKHCw

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 07:38:36	Name: GPS Value: 1
corelight.com/	1970-01-20 01:09:46	Name: _gd_visitor Value: 07178bbd-668a-4440-84bc-865044cf4e30
.youtube.com/	1970-01-19 11:57:46	Name: VISITOR_INFO1_LIVE Value: QNjyUzgY98U
corelight.com/	1970-01-20 01:09:46	Name: _gd_svisitor Value: 328414029b190000d84e565e2d0200002a0c0000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: soRPrEYTf6o
.corelight.com/	1970-01-20 01:09:46	Name: _ga Value: GA1.2.1291771456.1582714584
corelight.com/	1970-01-20 01:11:12	Name: driftt_aid Value: 677fc5f7-3188-490a-981a-7ef2aed1be6d
corelight.com/	1970-01-19 07:38:48	Name: _gd_session Value: b56d3c17-3a47-455c-8fa0-10ff937ddcd7
corelight.com/	1970-01-19 09:48:10	Name: gwcc Value: %7B%22fallback%22%3A%2218885479497%22%2C%22clabel%22%3A%22EY8UCLat37QBEID39aMD%22%2C%22backoff%22%3A86400%2C%22backoff_expires%22%3A1582800984%7D
.corelight.com/	1970-01-19 09:48:10	Name: _gcl_au Value: 1.1.971537486.1582714584
.corelight.com/	1970-01-19 07:38:34	Name: _gat_UA-86222136-1 Value: 1
.corelight.com/	1970-01-19 16:11:12	Name: _hjid Value: 15cfa991-5175-405a-a2e2-e60130603a8b
.corelight.com/	1970-01-19 07:40:00	Name: _gid Value: GA1.2.199158394.1582714584

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.gstatic.com/recaptcha/releases/61bII03-TtCmSUR7dw9MJF9q/recaptcha__en.js(Line 510) Message: reCAPTCHA couldn't find user-provided function: vueRecaptchaApiLoaded

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.company-target.com
b.6sc.co
c.6sc.co
corelight.com
j.6sc.co
js.driftt.com
match.prod.bidr.io
pi.pardot.com
px.ads.linkedin.com
s.ytimg.com
script.hotjar.com
segments.company-target.com
sjs.bizographics.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
vars.hotjar.com
www.google-analytics.com
www.google.be
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
www3.corelight.com
www.youtube.com
104.244.42.197
104.244.42.67
13.35.253.57
143.204.202.106
143.204.202.20
143.204.202.3
143.204.202.81
147.75.32.125
147.75.32.99
147.75.33.131
151.101.112.157
2.19.36.87
216.58.210.2
2a00:1450:4001:818::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2008
2a00:1450:4001:821::2003
2a00:1450:4001:821::2004
2a00:1450:4001:824::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c04::9c
2a02:26f0:f1:28a::3adf
2a02:26f0:f1:29d::25ea
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
35.174.78.146
52.21.178.134
52.214.123.193
2713d916bfd08d4a04eeb0dc0042caa636a51ec1aa3d50a08b50a52d0ba9ab17
298f43e50bca9522b9df850442cb53fb51580aa277a3feb754aed322ea644159
2d026477a3f7a4bd0e23cab9a84927283ae7086b72015b510d5e9363a4427caa
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3252128425e1e7b89d9f1e14192ba6b3b3140348a27a208edb8583401e00334e
3459985f7137891a15f19247d95d5b53b649470299f991c57deabc7777f2f5eb
3676c19e19e55d7c62044bf90561bb191f7b24fabaedf0e1a6afffe3a4cf5049
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
427357c89991fabce3fc001b8434c120d2130231517c6c71bd22834eb789e5fe
442c0c2f4559bee30649c1064f295384c2086a564b5fd9654737c2dda7ba745b
540d84351e411c59ef91ba7ec4d4acbe738a56fb2c682bdde5cc88eda5878184
575e47ce392355c76acb5f9a9223b7cf0690c2d45d8d245d67574c94db7073f7
628f44c12008251d29a3df8a4d05388aed026f9689bee0aae063533637f95751
65f4922ab8cf9536a7ad70cac98c1667c9b8a70d69e88c61227be23059417b66
724ffca6332d70f4cbb540b05753e0e5d59a9b25a0eefd2e46fbf841ad41889b
7a726c0a7d794949f90517054fab88faa1374e622d72784885bfa7502c2c8d56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a2f6b706620b27015876cce4ec1eaea37d1671245b83980e3331a14484f4f59
8b52955ddb6d6e75624fe0c01be5d9750382b17bb089efd881e3ae65d95e5898
9081be38d63b2736d8d7a6f5a33f30014b75c9231c1e53160d8b4c94cf21cbec
92dea0037946ab7baf6fa695b397e14e78ab4702a3a1526729ac43c6457fe310
95f4bb89e42cbbadc84759c99bccb8ef9e27013374e8b771cf36e7cb31411204
961ce428952e7e0fe9d0cb415d5bf130e12d32bbc32a72ecc6a8c34d49e6c8ca
9b36c14f6655fc0da0f85cd0f643eaa8f5c0c393a1af84149047f5a3b5eae60a
9cc17f2a29825643f4ab4b92f34c6fe5e9b12f1dd87068a07c4933488fd880f7
a1112b5152bfce156db9a24de44e9dd17c0e0f6abc3740b259db7164a3ce0740
a35ddf68298e07dc739dc1faba1b47e28716699d95eedfe51b2e85f65aae6311
a37c5026f2d145ee5014c4ba15eb7841b55493eafdf602f0cf75b54e4c914377
a56fd80610152e580304ab562acfa9bb8121485ce33eca6b40730a528f0c97e4
a86c9ca5c9f1632576526abf95a068a0ef0f80e6d409e62fb461afcc4fa621fd
ab2e90da0794fcdea5401cced122f4d90940cdd6b2af95711676d120adb859d8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b67b9472884823ec089b53a04f8899d8ba7a23f3533c5667e75ea4e13f4c9b97
bba3ce31a068f3a77a545bf0ef625b4823739ada733d784872b68ef722bcb795
c2b8d3b44bc7d1cd2de614675f91418ec7fc014fa77199c3d0a12882f4691579
c9d52bb4f12738f6da0ed83898dcfd81d4b873582d78258706feeeef5e3f510a
cbb6560ed1e9e91e2ceb73f50c333bf5fd86d56839161bf5383a1dd44faf5bc2
ce5468c6ee0580c04f7f08f0b81731b8911caff9663e6d3baedc2bf35a3eafb3
d0cf465ac5fd0abf1aa549d6a7befc390e2b26deb4aa14d63dd19e591f46b9d5
d6117da538274d9c4df8a650e5207e7a0278125b819cb0644d67379dc1b5304f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e24eebce672e525c8268db380a3e65b3369b7c5335c7888d5b08554cbde79863
e3395ef075ee4c9d243a2b3ba591a4ec4896f0cc6add2434cb416e19a291f4a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb1bd595c36a9da5b069834dfccb512a186a280e1a9e4c14bb074d41fcf03707
edbe5b0efd18f8a8b39e294b847a72289fd77b2e370cb8f6edc9e1a34f2c2330
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd8cb47898e65844edc526a9688dd8373885ad1364eccb282d1d5555615653e
f21a07b8173a59a6cdf3f46d46a4bd1b14e4146d4e1c80a543021a6d69b2fe8c
f6652dacc3641651bf842bb18861c6fbb66581a3dd2c41dde3226764740684b6
fd3944f9eb849b9a7a5fc78ccde06c6bff482ec905080ee5b8aa5e8fced1a34a
fe7a86c76c74d7ed774325d80240edd8f7f9cd835392c368884616effa572d4e

corelight.com Open in urlscan Pro 13.35.253.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

63 Requests

98 %HTTPS

45 %IPv6

24 Domains

31 Subdomains

27 IPs

6 Countries

1575 kBTransfer

3204 kBSize

13 Cookies

10 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

corelight.com Open in urlscan Pro
13.35.253.57 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

98 %
HTTPS

45 %
IPv6

24
Domains

31
Subdomains

27
IPs

6
Countries

1575 kB
Transfer

3204 kB
Size

13
Cookies

63 HTTP transactions
1 data transactions